hermes - 💡(How to fix) Fix Per-user USER.md isolation for multi-user platform deployments

Problem

MemoryStore.USER.md is a single global file at <HERMES_HOME>/memories/USER.md. Hermes injects this file's contents into every conversation's system prompt regardless of which platform user (Slack, Discord, etc.) is messaging the agent.

For single-user deployments this is fine. For multi-user platform ACLs (e.g., a Slack bot serving a 7-person sales team), it creates cross-user preference contamination:

• User A: "always round dollar amounts to thousands" → global USER.md
• User B: "show exact amounts down to the cent" → same global USER.md
• Both users now see the agent applying both preferences regardless of who's chatting.

This is a structural problem for any multi-user Hermes deployment that wants to remember per-user preferences.

Proposed solution

Make MemoryStore aware of the platform user_id and resolve USER.md per-user when user_id is set:

• user_id=None (TUI, one-shot, no platform context): <HERMES_HOME>/memories/USER.md — current behavior, backward compatible
• user_id=<id> (any platform): <HERMES_HOME>/memories/users/<id>/USER.md

MEMORY.md (agent's own learned knowledge) stays global. Only USER.md (per-user preferences) is partitioned.

Implementation

Working patch in companion PR. Purely additive — user_id defaults to None, no behavior change for any existing call site.

Production context

Running this patch in production on a multi-user Slack deployment since 2026-05-15. Validated end-to-end 2026-05-16. Surviving daily hermes update cycles via a local re-apply script.

Related: #527 (Permission Tiers) is orthogonal — that's about who can use what tools; this is about whose preferences are stored where.